right now we got a symptom that i have read quite a few times on several sites on the internet already (when googling for the error). If i send a mail via web client to another internal user (or external user) the mail will not get delivered, but get stuck in the deferred queue. If i choose to requeue the mail it will get delivered properly, but of course i can't monitor the deferred queue all day for this to be delivered properly
the corresponding error in zimbra.log is:
Code: Select all
Jul 5 12:40:36 mail postfix/smtp[1179]: DCB81342C0E: to=<myuser@mydomain.de>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.17, delays=0.02/0.02/0/0.12, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=16723-05 - Temporary MTA failure on relaying, From MTA() during fwd-connect (Negative greeting: 554 5.7.1 <localhost[127.0.0.1]>: Client host rejected: Access denied): id=16723-05 (in reply to end of DATA command))
Our setup is a very simple one. Just one server that hosts several (5) domains. I guess that the error popped up after i changed the MTA networks via admin GUI.
My understanding is, that the MTA trusted networks in the GUI will add the IP-Addresses and networks i add there to the zimbraMtaMyNetworks parameter but if i understand it correct it always also adds 127.0.0.1/8 to it if you change it via Web Admin Gui.
My setting right now is only two networks, basically 192.168.0.0/24 and 192.168.3.0/24. The first one being the subnet the mail server itself is part of, the other one is a separate network i want to relay from (but that is not really crucial and could be deleted).
the output of zmprov gd zimbraMtaMyNetworks shows only those two mentioned ip networks and not the 127.0.0.1/8
btw: https://www.jorgedelacruz.es/2014/07/21 ... -beta-iii/
this does not solve the problem
neither does the solution here http://ubuntuforums.org/showthread.php?t=2173036
which logs can i try to use to troubleshoot this issue ?
//EDIT//
after adding 127.0.0.1/8 to my MTA Networks the error message changed to "connection refused"
Code: Select all
Jul 5 13:52:31 mail zmconfigd[34910]: All rewrite threads completed in 0.00 sec
Jul 5 13:52:31 mail zmconfigd[34910]: All restarts completed in 0.00 sec
Jul 5 13:52:35 mail slapd[34890]: slap_queue_csn: queueing 0x73bd680 20160705115235.372453Z#000000#000#000000
Jul 5 13:52:35 mail slapd[34890]: slap_graduate_commit_csn: removing 0x73bd680 20160705115235.372453Z#000000#000#000000
Jul 5 13:52:47 mail postfix/postscreen[53042]: CONNECT from [192.168.0.190]:53603 to [192.168.0.190]:25
Jul 5 13:52:47 mail postfix/postscreen[53042]: WHITELISTED [192.168.0.190]:53603
Jul 5 13:52:47 mail postfix/smtpd[53043]: connect from mail.mydom.local[192.168.0.190]
Jul 5 13:52:48 mail postfix/smtpd[53043]: NOQUEUE: filter: RCPT from mail.mydom.local[192.168.0.190]: <extuser1@external.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<extuser1@external.com> to=<Administrator@internal.lan> proto=ESMTP helo=<mail.mydom.local>
Jul 5 13:52:48 mail postfix/smtpd[53043]: 056B0342C0E: client=mail.mydom.local[192.168.0.190]
Jul 5 13:52:48 mail postfix/cleanup[53046]: 056B0342C0E: message-id=<742982441.3.1467719567707.JavaMail.zimbra@external.com>
Jul 5 13:52:48 mail postfix/qmgr[37521]: 056B0342C0E: from=<extuser1@external.com>, size=2932, nrcpt=1 (queue active)
Jul 5 13:52:48 mail postfix/smtpd[53043]: disconnect from mail.mydom.local[192.168.0.190] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 5 13:52:48 mail amavis[36847]: (36847-03) ESMTP [127.0.0.1]:10026 /opt/zimbra/data/amavisd/tmp/amavis-20160705T133018-36847-zF0KG_zM: <extuser1@external.com> -> <administrator@internal.lan> Received: from mx.scngmbh.eu ([127.0.0.1]) by localhost (mail.mydom.local [127.0.0.1]) (amavisd-new, port 10026) with ESMTP for <administrator@internal.lan>; Tue, 5 Jul 2016 13:52:48 +0200 (CEST)
Jul 5 13:52:48 mail amavis[36847]: (36847-03) Checking: pOunmJX9EPTZ ORIGINATING/MYNETS [192.168.0.190] <extuser1@external.com> -> <administrator@internal.lan>
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: connect from localhost[127.0.0.1]
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "127.0.0.1/8", perhaps you should use "127.0.0.0/8" instead
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: warning: mynetworks: non-null host address bits in "127.0.0.1/8", perhaps you should use "127.0.0.0/8" instead
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: NOQUEUE: reject: CONNECT from localhost[127.0.0.1]: 451 4.3.0 <localhost[127.0.0.1]>: Temporary lookup failure; proto=SMTP
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: warning: smtpd_client_event_limit_exceptions: non-null host address bits in "127.0.0.1/8", perhaps you should use "127.0.0.0/8" instead
Jul 5 13:52:48 mail amavis[36847]: (36847-03) (!)pOunmJX9EPTZ FWD from <extuser1@external.com> -> <administrator@internal.lan>, 451 4.5.0 From MTA() during fwd-connect (Negative greeting: 451 4.3.0 <localhost[127.0.0.1]>: Temporary lookup failure): id=36847-03
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: lost connection after CONNECT from localhost[127.0.0.1]
Jul 5 13:52:48 mail postfix/dkimmilter/smtpd[53049]: disconnect from localhost[127.0.0.1] commands=0/0
Jul 5 13:52:48 mail amavis[36847]: (36847-03) Blocked MTA-BLOCKED {TempFailedInternal}, ORIGINATING/MYNETS LOCAL [192.168.0.190]:53603 <extuser1@external.com> -> <administrator@internal.lan>, Queue-ID: 056B0342C0E, Message-ID: <742982441.3.1467719567707.JavaMail.zimbra@external.com>, mail_id: pOunmJX9EPTZ, Hits: -, size: 2932, 126 ms
Jul 5 13:52:48 mail postfix/smtp[53047]: 056B0342C0E: to=<administrator@internal.lan>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.18, delays=0.03/0.02/0/0.12, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=36847-03 - Temporary MTA failure on relaying, From MTA() during fwd-connect (Negative greeting: 451 4.3.0 <localhost[127.0.0.1]>: Temporary lookup failure): id=36847-03 (in reply to end of DATA command))
after a zmcontrol restart things are ok again and everything gets delivered as expected:
TLDR; changed zimbraMtaMyNetworks to not include 127.0.0.0/8 and relaying stopped working, because amavis-d got an error, requeuing the mails did get them delivered. adding 127.0.0.1/8 did give a different error with same symptoms and finally changing it to 127.0.0.0/8 and restarting the zimbra servers remediated the situation.